IN THE CLAIMS 
This listing of claims replaces all prior listings: 

1. (currently amended) A person authentication application data processing system 
for performing a person authentication process by comparing a template extracted from a 
person identification certificate, the template including person identification data of an 
individual user who uses an information processing apparatus, and user input sampling 
information, said person authentication application data processing system comprising: 

an information processing apparatus that performs person authentication; and 
a person identification certificate authority that issues person identification 
certificates, 

wherein said information processing apparatus retrieves a person identification 
certificate for person authentication based on user input information, and , when the 
information processing apparatus determines that the person identification certificate has not 
been received from the person identification certificate authority and stored locally in a local 
storage device of the information processing apparatus, outputs a request for issuing a person 
identification certificate to the person identification certificate authority wh e n a person 
identification c e rtificat e corr e sponding to th e us e r input information cannot b e e xtract e d , 

said person identification certificate authority creates a person identification certificate 
including an encrypted template, which can be decrypted in said information processing 
apparatus, and issues the person identification certificate responsive to the request from the 
information processing apparatus, and 

said information processing apparatus stores the person identification certificate 
issued from said person identification certificate authority in the a storage device of the 
information processing apparatus. 

2. (previously presented) A person authentication application data processing system 
according to Claim 1, wherein, when said information processing apparatus stores a newly 
obtained person identification certificate in the storage device, and when said newly obtained 
person identification certificate is a person identification certificate corresponding to the same 
user for an existing public key certificate which has already been stored in said information 
processing apparatus, said information processing apparatus creates pair information of 
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identifiers of each person identification certificate and stores the pair information in the 
storage device. 

3. (previously presented) A person authentication application data processing system 
according to Claim 1, further comprising a certificate authority that issues public key 
certificates, 

wherein, said information processing apparatus retrieves a public key certificate used 
during data communication with an external apparatus, with stored data of the storage device 
of the information processing apparatus being used as the retrieval target on the basis of the 
user input information, creates a pair of a public key and a secret key when the applicable 
public key certificate cannot be extracted, transmits the created public key to the person 
identification certificate authority which is the issuing entity of the public key certificate, and 
makes a request for issuing a person identification certificate, 

said person identification certificate authority performs issues a public key certificate 
corresponding to an individual user or a public key certificate corresponding to said 
information processing apparatus, and 

said information processing apparatus stores the public key certificate issued from 
said certificate authority in the storage device of the information processing apparatus. 

4. (previously presented) A person authentication application data processing system 
according to Claim 3, wherein, in the process for storing the newly obtained person 
identification certificate in the storage device, when said newly obtained person identification 
certificate is a person identification certificate corresponding to the same user for an existing 
public key certificate which has already been stored in said information processing apparatus, 
said information processing apparatus creates pair information of identifiers of each 
certificate and stores the pair information in the storage device. 

5. (previously presented) A person authentication application data processing system 
according to Claim 3, wherein, in the process for storing the newly obtained person 
identification certificate in the storage device, when said newly obtained person identification 
certificate is a person identification certificate corresponding to the same user for an existing 
public key certificate which has already been stored in said information processing apparatus, 
said information processing apparatus creates pair information of identifiers of each 
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certificate, stores the pair information in the storage device, and registers a process identifier 
which identifies a process including services to be used. 

6. (previously presented) A person authentication application data processing system 
according to Claim 1, further comprising a service distribution device in which various 
services such as content distribution can be received from a service provider under the control 
of a service registration server on the condition of user registration for the service registration 
server, 

wherein said information processing apparatus performs a person authentication 
process based on a verification process between the template extracted from the person 
identification certificate and user input sampling information, the template being person 
identification data of an individual user who uses the information processing apparatus, and 
performs user registration for said service registration server on the condition that person 
authentication is established. 

7. (previously presented) A person authentication application data processing system 
according to Claim 1 , further comprising a service distribution device in which various 
services such as content distribution can be received from a service provider under the control 
of a service registration server on the condition of user registration for the service registration 
server, 

wherein said information processing apparatus performs mutual authentication with 
said service provider by using a public key certificate corresponding to an individual user or a 
public key certificate corresponding to said information processing apparatus in a process for 
receiving service distribution from said service provider, and 

said service provider provides services for said information processing apparatus on 
the condition that it is confirmed that the public key certificate used for said mutual 
authentication corresponds to an authorized user or device registered in said service 
registration server and said mutual authentication is established. 

8. (original) A person authentication application data processing system according to 
Claim 1, wherein data communication between said information processing apparatus as a 
person authentication execution entity and the person identification certificate authority as a 
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person identification certificate issuing entity is performed on the condition that the mutual 
authentication process is established. 

9. (previously presented) A person authentication application data processing system 
according to Claim 1, wherein, for data communication between said information processing 
apparatus as a person authentication execution entity and the person identification certificate 
authority as a person identification certificate issuing entity, a data transmission device 
creates an electronic signature for transmission data, and a receiving device verifies the 
electronic signature. 

10. (original) A person authentication application data processing system according 
to Claim 1, wherein an encryption key used to encrypt the template stored in the person 
identification certificate issued from said person identification certificate authority is a public 
key which is set for said information processing apparatus or an individual user. 

1 1 . (previously presented) A person authentication application data processing 
system according to Claim 1, wherein said template includes at least one of biometric 
information and non-biometric information and a password, the biometric information 
selected from the group consisting of fingerprint information, retina pattern information, iris 
pattern information, voice print information, and handwriting information, the non-biometric 
information selected from the group consisting of such as a seal, a passport, a drivers license, 
and a card. 

12. (currently amended) A person authentication application data processing method 
for performing a person authentication process by comparing a template extracted from a 
person identification certificate, the template including person identification data of an 
individual user who uses an information processing apparatus and user input sampling 
information, said person authentication application data processing method comprising: 

a step for providing an information processing apparatus as a person authentication 
execution entity and a person identification certificate authority as a person identification 
certificate issuing entity; 

a step in which said information processing apparatus retrieves a person identification 
certificate for person authentication based on user input information, and , when the 



5 



information processing apparatus determines that the person identification certificate has not 
been received from the person identification certificate authority and stored locally in a local 
storage device of the information processing apparatus, outputs a request for issuing a person 
identification certificate to the person identification certificate authority which is a person 
identification certificate issuing entity wh e n a p e rson id e ntification certificat e corr e sponding 
to th e us e r input information cannot b e e xtract e d ; 

a step in which said person identification certificate authority creates a person 
identification certificate including an encoded template, which can be decrypted in said 
information processing apparatus, and issues the person identification certificate responsive to 
the request from the information processing apparatus; and 

a step in which said information processing apparatus stores the person identification 
certificate issued from said person identification certificate authority in the a storage device of 
the information processing apparatus. 

13. (previously presented) A person authentication application data processing 
method according to Claim 12, wherein, when said information processing apparatus stores a 
newly obtained person identification certificate in the storage device, and when said newly 
obtained person identification certificate is a person identification certificate corresponding to 
the same user for an existing public key certificate which has already been stored in said 
information processing apparatus, said information processing apparatus creates pair 
information of identifiers of each person identification certificate and stores the pair 
information in the storage device. 

14. (previously presented) A person authentication application data processing 
method according to Claim 12, further comprising: 

a step for providing a certificate authority as a public key certificate issuing entity; 

a step in which said information processing apparatus retrieves a public key certificate 
used during data communication with an external apparatus, with stored data of the storage 
device of the information processing apparatus being used as the retrieval target on the basis 
of the user input information, creates a pair of a public key and a secret key when the 
applicable public key certificate cannot be extracted, transmits the created public key to the 
person identification certificate authority which is the issuing entity of the public key 
certificate, and makes a request for issuing a person identification certificate; 
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a step in which said person identification certificate authority issues a public key 
certificate corresponding to an individual user or a public key certificate corresponding to said 
information processing apparatus; and 

a step in which said information processing apparatus stores the public key certificate 
issued from said certificate authority in the storage device of the information processing 
apparatus. 

15. (previously presented) A person authentication application data processing 
method according to Claim 14, wherein, in the process for storing the newly obtained person 
identification certificate in the storage device, when said newly obtained person identification 
certificate is a person identification certificate corresponding to the same user for an existing 
public key certificate which has already been stored in said information processing apparatus, 
said information processing apparatus creates pair information of identifiers of each 
certificate and stores the pair information in the storage device. 

16. (previously presented) A person authentication application data processing 
method according to Claim 14, wherein, in the process for storing the newly obtained person 
identification certificate in the storage device, when said newly obtained person identification 
certificate is a person identification certificate corresponding to the same user for an existing 
public key certificate which has already been stored in said information processing apparatus, 
said information processing apparatus creates pair information of identifiers of each 
certificate, stores the pair information in the storage device, and registers a process identifier 
which identifies a process including services to be used. 

17. (previously presented) A person authentication application data processing 
method according to Claim 12, further comprising: 

a step for providing a service distribution device in which various services such as 
content distribution can be received from a service provider under the control of a service 
registration server on the condition of user registration for the service registration server; and 

a step in which said information processing apparatus performs a person 
authentication process based on a verification process between a template extracted from the 
person identification certificate and user input sampling information, the template being 
person identification data of an individual user who uses the information processing 
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apparatus, and performs user registration for said service registration server on the condition 
that person authentication is established. 

18. (previously presented) A person authentication application data processing 
method according to Claim 12, further comprising: 

a step for providing a service distribution device in which various services such as 
content distribution can be received from a service provider under the control of a service 
registration server on the condition of user registration for the service registration server; 

a step in which, in a process for receiving service distribution from said service 
provider, said information processing apparatus performs mutual authentication with said 
service provider by using a public key certificate corresponding to an individual user who 
uses the information processing apparatus or a public key certificate corresponding to said 
information processing apparatus; and 

a step in which said service provider provides services for said information processing 
apparatus on the condition that it is confirmed that the public key certificate used for said 
mutual authentication corresponds to an authorized user or device registered in said service 
registration server and said mutual authentication is established. 

19. (original) A person authentication application data processing method according 
to Claim 12, wherein data communication between said information processing apparatus as a 
person authentication execution entity and the person identification certificate authority as a 
person identification certificate issuing entity is performed on the condition that the mutual 
authentication process is established. 

20. (previously presented) A person authentication application data processing 
method according to Claim 12, wherein, for data communication between said information 
processing apparatus as a person authentication execution entity and the person identification 
certificate authority as a person identification certificate issuing entity, a data transmission 
device creates an electronic signature for transmission data, and a receiving device verifies 
the electronic signature. 

21. (original) A person authentication application data processing method according 
to Claim 12, wherein an encryption key used to encrypt the template stored in the person 
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identification certificate issued from said person identification certificate authority is a public 
key which is set for said information processing apparatus or an individual user. 

22. (currently amended) An information processing apparatus for performing a 
person authentication process based on a verification process between a template extracted 
from a person identification certificate in which the template is stored and user input 
sampling information, the template being person identification data of an individual user who 
uses the information processing apparatus, 

wherein said information processing apparatus performs a process for retrieving a 
person identification certificate used for a person authentication process based on user input 
information with stored data of the information processing apparatus being used as the 
retrieval target, outputs a request for issuing a person identification certificate to a person 
identification certificate authority, which is a person identification certificate issuing entity, 
when the information processing apparatus determines that the person identification 
certificate has not been received from the person identification certificate authority and stored 
locally in a local storage device of the information processing apparatus wh e n a p e rson 
id e ntification c e rtificat e corr e sponding to th e us e r input information cannot be e xtract e d , and 
stores the person identification certificate issued from the person identification certificate 
authority in the a storage device of the information processing apparatus. 

23. (previously presented) An information processing apparatus according to Claim 
22, wherein, in the process for storing the newly obtained personal identification certificate in 
the storage means, when said newly obtained person identification certificate is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus, said information 
processing apparatus performs a process for creating pair information of identifiers of each 
certificate and for storing the pair information in the storage device. 

24. (previously presented) An information processing apparatus according to Claim 
22, wherein said information processing apparatus retrieves a public key certificate used for 
data communication with an external apparatus with stored data of the storage device of the 
information processing apparatus being used as the retrieval target on the basis of user input 
information, creates a pair of a public key and a secret key when a corresponding public key 
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certificate cannot be extracted, transmits the created public key to the certificate authority 
which is a public key certificate issuing entity, makes a request for issuing a public key 
certificate, and performs a process for storing the public key certificate issued from said 
certificate authority in the storage stores of the information processing apparatus. 

25. (previously presented) An information processing apparatus according to Claim 
24, wherein, in the process for storing the newly obtained personal identification certificate in 
the storage device, when said newly obtained person identification certificate is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus, said information 
processing apparatus performs a process for creating pair information of identifiers of each 
certificate and stores the pair information in the storage device. 

26. (previously presented) An information processing apparatus according to Claim 
24, wherein, in the process for storing the newly obtained personal identification certificate in 
the storage device, when said newly obtained person identification certificate is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus, said information 
processing apparatus performs a process for creating pair information of identifiers of each 
certificate, stores the pair information in the storage device, and registers together a process 
identifier which identifies a process such as services to be used. 

27. (currently amended) A program providing medium for providing a computer 
program for causing a person application authentication data process for performing a person 
authentication process to be performed in a computer system based on a verification process 
between a template extracted from a person identification certificate in which the template is 
stored and user input sampling information, the template being person identification data of 
an individual user who uses an information processing apparatus, said computer program 
comprising: 

a step for retrieving a person identification certificate used for a person authentication 
process based on the user input information; 

a step for outputting a request for issuing a person identification certificate to a person 
identification certificate authority, which is a person identification certificate issuing entity, 
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when the information processing apparatus determines that the person identification 
certificate has not been received from the person identification certificate authority and stored 
locally in a local storage device of the information processing apparatus wh e n a p e rson 
identification c e rtificate corr e sponding to th e us e r input information cannot be e xtract e d ; 

a step for creating pair information of identifiers of each certificate when said person 
identification certificate issued from said person identification certificate authority is a person 
identification certificate corresponding to the same user for an existing public key certificate 
which has already been stored in said information processing apparatus; and 

a step for storing the pair information in the a storage device. 
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